Configuring OpenSSO Enterprise to Act as
an Identity Provider

This use case requires that the ADFS server in the Company C
domain to be configured to recognize the Company A server as an Account
Partner. The Company A server must be configured to recognize the
Company C ADFS server as a Service Provider in a circle of trust.

In the OpenSSO Enterprise environment:

Configure a new keystore for the token signing certificate,
or leverage the one provided by the container.

Create metadata and extended metadata files to define
the Company A OpenSSO Enterprise server as the Identity Provider.

Create metadata and extended metadata files to define
the Company B ADFS server as the Identity Provider, and the Company
C ADFS server as the Resource Provider in a WS-Federation protocol
paradigm.

Create a new circle of trust, and import each Identity
Provider and Service Provider to belong to this new circle of trust.